<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=emulateIE7" />
    <title>Coverage for skf/api/chatbot/scripts/entity_reco.py: 100%</title>
    <link rel="icon" sizes="32x32" href="favicon_32.png">
    <link rel="stylesheet" href="style.css" type="text/css">
    <script type="text/javascript" src="jquery.min.js"></script>
    <script type="text/javascript" src="jquery.hotkeys.js"></script>
    <script type="text/javascript" src="jquery.isonscreen.js"></script>
    <script type="text/javascript" src="coverage_html.js"></script>
    <script type="text/javascript">
        jQuery(document).ready(coverage.pyfile_ready);
    </script>
</head>
<body class="pyfile">
<div id="header">
    <div class="content">
        <h1>Coverage for <b>skf/api/chatbot/scripts/entity_reco.py</b> :
            <span class="pc_cov">100%</span>
        </h1>
        <img id="keyboard_icon" src="keybd_closed.png" alt="Show keyboard shortcuts" />
        <h2 class="stats">
            3 statements &nbsp;
            <button type="button" class="run shortkey_r button_toggle_run" title="Toggle lines run">3 run</button>
            <button type="button" class="mis show_mis shortkey_m button_toggle_mis" title="Toggle lines missing">0 missing</button>
            <button type="button" class="exc show_exc shortkey_x button_toggle_exc" title="Toggle lines excluded">0 excluded</button>
        </h2>
    </div>
</div>
<div class="help_panel">
    <img id="panel_icon" src="keybd_open.png" alt="Hide keyboard shortcuts" />
    <p class="legend">Hot-keys on this page</p>
    <div>
    <p class="keyhelp">
        <span class="key">r</span>
        <span class="key">m</span>
        <span class="key">x</span>
        <span class="key">p</span> &nbsp; toggle line displays
    </p>
    <p class="keyhelp">
        <span class="key">j</span>
        <span class="key">k</span> &nbsp; next/prev highlighted chunk
    </p>
    <p class="keyhelp">
        <span class="key">0</span> &nbsp; (zero) top of page
    </p>
    <p class="keyhelp">
        <span class="key">1</span> &nbsp; (one) first highlighted chunk
    </p>
    </div>
</div>
<div id="source">
    <p id="t1" class="run"><span class="n"><a href="#t1">1</a></span><span class="t"><span class="key">def</span> <span class="nam">entity_data</span><span class="op">(</span><span class="op">)</span><span class="op">:</span>&nbsp;</span><span class="r"></span></p>
    <p id="t2" class="run"><span class="n"><a href="#t2">2</a></span><span class="t">        <span class="nam">vuln_dict</span><span class="op">=</span><span class="op">{</span><span class="str">'xss'</span><span class="op">:</span><span class="str">'xss injection'</span><span class="op">,</span><span class="str">'cross site scripting'</span><span class="op">:</span><span class="str">'xss injection'</span><span class="op">,</span><span class="str">'malicious script is injected directly'</span><span class="op">:</span><span class="str">'xss injection'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t3" class="pln"><span class="n"><a href="#t3">3</a></span><span class="t">        <span class="str">'Sessions pattern'</span><span class="op">:</span> <span class="str">'Sessions pattern'</span><span class="op">,</span><span class="str">'unauthenticated access security logs'</span><span class="op">:</span><span class="str">'Unauthorized and unauthenticated access security logs'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t4" class="pln"><span class="n"><a href="#t4">4</a></span><span class="t">        <span class="str">'Unauthorized access security logs'</span><span class="op">:</span><span class="str">'Unauthorized and unauthenticated access security logs'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t5" class="pln"><span class="n"><a href="#t5">5</a></span><span class="t">        <span class="str">'access security logs'</span><span class="op">:</span><span class="str">'Unauthorized and unauthenticated access security logs'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t6" class="pln"><span class="n"><a href="#t6">6</a></span><span class="t">        <span class="str">'Unauthorized and unauthenticated access security logs'</span><span class="op">:</span> <span class="str">'Unauthorized and unauthenticated access security logs'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t7" class="pln"><span class="n"><a href="#t7">7</a></span><span class="t">        <span class="str">'Disallow the use of old passwords'</span><span class="op">:</span> <span class="str">'Disallow the use of old passwords'</span><span class="op">,</span><span class="str">'Absolute time out'</span><span class="op">:</span><span class="str">'Absolute session time out'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t8" class="pln"><span class="n"><a href="#t8">8</a></span><span class="t">        <span class="str">'Identify external dependencies'</span><span class="op">:</span> <span class="str">'Identify external dependencies'</span><span class="op">,</span><span class="str">'session time out'</span><span class="op">:</span><span class="str">'Absolute session time out'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t9" class="pln"><span class="n"><a href="#t9">9</a></span><span class="t">        <span class="str">'Absolute session time out'</span><span class="op">:</span> <span class="str">'Absolute session time out'</span><span class="op">,</span> <span class="str">'Incorrect or missing charset'</span><span class="op">:</span> <span class="str">'Incorrect or missing charset'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t10" class="pln"><span class="n"><a href="#t10">10</a></span><span class="t">        <span class="str">'Incorrect or missing charset'</span><span class="op">:</span><span class="str">'Incorrect charset'</span><span class="op">,</span><span class="str">'missing charset'</span><span class="op">:</span><span class="str">'Incorrect or missing charset'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t11" class="pln"><span class="n"><a href="#t11">11</a></span><span class="t">        <span class="str">'Protecting device memory'</span><span class="op">:</span> <span class="str">'Protecting device memory'</span><span class="op">,</span><span class="str">'Protect device memory'</span><span class="op">:</span><span class="str">'Protecting device memory'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t12" class="pln"><span class="n"><a href="#t12">12</a></span><span class="t">        <span class="str">'HTTP strict transport security'</span><span class="op">:</span> <span class="str">'HTTP strict transport security'</span><span class="op">,</span><span class="str">'HTTP transport security'</span><span class="op">:</span><span class="str">'HTTP strict transport security'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t13" class="pln"><span class="n"><a href="#t13">13</a></span><span class="t">        <span class="str">'HTTP security'</span><span class="op">:</span><span class="str">'HTTP strict transport security'</span><span class="op">,</span><span class="str">'Val,idated cryptographic'</span><span class="op">:</span><span class="str">'Validated cryptographic modules'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t14" class="pln"><span class="n"><a href="#t14">14</a></span><span class="t">        <span class="str">'Validated cryptographic modules'</span><span class="op">:</span> <span class="str">'Validated cryptographic modules'</span><span class="op">,</span><span class="str">'Block weak passphrases'</span><span class="op">:</span><span class="str">'Block common password and weak passphrases'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t15" class="pln"><span class="n"><a href="#t15">15</a></span><span class="t">        <span class="str">'Block common password and weak passphrases'</span><span class="op">:</span> <span class="str">'Block common password and weak passphrases'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t16" class="pln"><span class="n"><a href="#t16">16</a></span><span class="t">        <span class="str">'Block common password'</span><span class="op">:</span><span class="str">'Block common password and weak passphrases'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t17" class="pln"><span class="n"><a href="#t17">17</a></span><span class="t">        <span class="str">'Build proccess security hardening'</span><span class="op">:</span> <span class="str">'Build proccess security hardening'</span><span class="op">,</span><span class="str">'administrative interfaces'</span><span class="op">:</span><span class="str">'administrative interfaces must not be accessible to untrusted parties'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t18" class="pln"><span class="n"><a href="#t18">18</a></span><span class="t">        <span class="str">'administrative interfaces must not be accessible to untrusted parties'</span><span class="op">:</span> <span class="str">'administrative interfaces must not be accessible to untrusted parties'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t19" class="pln"><span class="n"><a href="#t19">19</a></span><span class="t">        <span class="str">'OCSP'</span><span class="op">:</span><span class="str">'OCSP stapling'</span><span class="op">,</span><span class="str">'Insecure communication'</span><span class="op">:</span><span class="str">'Insecure internal communication'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t20" class="pln"><span class="n"><a href="#t20">20</a></span><span class="t">        <span class="str">'OCSP stapling'</span><span class="op">:</span> <span class="str">'OCSP stapling'</span><span class="op">,</span> <span class="str">'Client side input validation'</span><span class="op">:</span> <span class="str">'Client side input validation'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t21" class="pln"><span class="n"><a href="#t21">21</a></span><span class="t">        <span class="str">'Insecure internal communication'</span><span class="op">:</span> <span class="str">'Insecure internal communication'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t22" class="pln"><span class="n"><a href="#t22">22</a></span><span class="t">        <span class="str">'Certificate paths'</span><span class="op">:</span><span class="str">'Certificate paths revocation information'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t23" class="pln"><span class="n"><a href="#t23">23</a></span><span class="t">        <span class="str">'Certificate paths revocation information'</span><span class="op">:</span> <span class="str">'Certificate paths revocation information'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t24" class="pln"><span class="n"><a href="#t24">24</a></span><span class="t">        <span class="str">'sanitise sensitive data rapidly from memory'</span><span class="op">:</span> <span class="str">'sanitise sensitive data rapidly from memory'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t25" class="pln"><span class="n"><a href="#t25">25</a></span><span class="t">        <span class="str">'access control decisions'</span><span class="op">:</span><span class="str">'Logging access control decisions'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t26" class="pln"><span class="n"><a href="#t26">26</a></span><span class="t">        <span class="str">'Logging access control decisions'</span><span class="op">:</span> <span class="str">'Logging access control decisions'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t27" class="pln"><span class="n"><a href="#t27">27</a></span><span class="t">        <span class="str">'Unauthorised access'</span><span class="op">:</span><span class="str">'Unauthorised access and modification'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t28" class="pln"><span class="n"><a href="#t28">28</a></span><span class="t">        <span class="str">'Unauthorised access and modification'</span><span class="op">:</span> <span class="str">'Unauthorised access and modification'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t29" class="pln"><span class="n"><a href="#t29">29</a></span><span class="t">        <span class="str">'memory dumping attacks'</span><span class="op">:</span><span class="str">'Mitigate memory dumping attacks'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t30" class="pln"><span class="n"><a href="#t30">30</a></span><span class="t">        <span class="str">'Mitigate dumping attacks'</span><span class="op">:</span><span class="str">'Mitigate memory dumping attacks'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t31" class="pln"><span class="n"><a href="#t31">31</a></span><span class="t">        <span class="str">'Mitigate memory dumping attacks'</span><span class="op">:</span> <span class="str">'Mitigate memory dumping attacks'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t32" class="pln"><span class="n"><a href="#t32">32</a></span><span class="t">        <span class="str">'All access controls must fail securely'</span><span class="op">:</span> <span class="str">'All access controls must fail securely'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t33" class="pln"><span class="n"><a href="#t33">33</a></span><span class="t">        <span class="str">'application level logging'</span><span class="op">:</span><span class="str">'Single application level logging'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t34" class="pln"><span class="n"><a href="#t34">34</a></span><span class="t">        <span class="str">'Single application level logging'</span><span class="op">:</span> <span class="str">'Single application level logging'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t35" class="pln"><span class="n"><a href="#t35">35</a></span><span class="t">        <span class="str">'Include anti'</span><span class="op">:</span> <span class="str">'Include anti'</span><span class="op">,</span> <span class="str">'Filename injection'</span><span class="op">:</span><span class="str">'Filename injection Path traversel'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t36" class="pln"><span class="n"><a href="#t36">36</a></span><span class="t">        <span class="str">'Path traversel'</span><span class="op">:</span><span class="str">'Filename injection Path traversel'</span><span class="op">,</span><span class="str">'File inclusion'</span><span class="op">:</span><span class="str">'File inclusion attack'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t37" class="pln"><span class="n"><a href="#t37">37</a></span><span class="t">        <span class="str">'Filename injection Path traversel'</span><span class="op">:</span> <span class="str">'Filename injection Path traversel'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t38" class="pln"><span class="n"><a href="#t38">38</a></span><span class="t">        <span class="str">'File inclusion attack'</span><span class="op">:</span> <span class="str">'File inclusion attack'</span><span class="op">,</span> <span class="str">'deploy in a secure fashion'</span><span class="op">:</span><span class="str">'Build and deploy in a secure fashion'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t39" class="pln"><span class="n"><a href="#t39">39</a></span><span class="t">        <span class="str">'Build in a secure fashion'</span><span class="op">:</span><span class="str">'Build and deploy in a secure fashion'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t40" class="pln"><span class="n"><a href="#t40">40</a></span><span class="t">        <span class="str">'Build and deploy in a secure fashion'</span><span class="op">:</span> <span class="str">'Build and deploy in a secure fashion'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t41" class="pln"><span class="n"><a href="#t41">41</a></span><span class="t">        <span class="str">'Input rejection'</span><span class="op">:</span> <span class="str">'Input rejection'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t42" class="pln"><span class="n"><a href="#t42">42</a></span><span class="t">        <span class="str">'Identify and use only require functions if using components'</span><span class="op">:</span> <span class="str">'Identify and use only require functions if using components'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t43" class="pln"><span class="n"><a href="#t43">43</a></span><span class="t">        <span class="str">'Transport Security header'</span><span class="op">:</span><span class="str">'Include Strict Transport Security header'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t44" class="pln"><span class="n"><a href="#t44">44</a></span><span class="t">        <span class="str">'Include Strict Transport Security header'</span><span class="op">:</span> <span class="str">'Include Strict Transport Security header'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t45" class="pln"><span class="n"><a href="#t45">45</a></span><span class="t">        <span class="str">'WYSIWYG editors'</span><span class="op">:</span> <span class="str">'WYSIWYG editors'</span><span class="op">,</span><span class="str">'Differential attack'</span><span class="op">:</span><span class="str">'Differential analysis attack'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t46" class="pln"><span class="n"><a href="#t46">46</a></span><span class="t">        <span class="str">'Differential analysis attack'</span><span class="op">:</span> <span class="str">'Differential analysis attack'</span><span class="op">,</span> <span class="str">'Input validation'</span><span class="op">:</span> <span class="str">'Input validation'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t47" class="pln"><span class="n"><a href="#t47">47</a></span><span class="t">        <span class="str">'Domain cookies'</span><span class="op">:</span><span class="str">'Session Domain cookies'</span><span class="op">,</span><span class="str">'Enforce sensitive information'</span><span class="op">:</span><span class="str">'Enforce sensitive information to be stored encrypted on device'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t48" class="pln"><span class="n"><a href="#t48">48</a></span><span class="t">        <span class="str">'Session Domain cookies'</span><span class="op">:</span> <span class="str">'Session Domain cookies'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t49" class="pln"><span class="n"><a href="#t49">49</a></span><span class="t">        <span class="str">'Data from untrusted sources'</span><span class="op">:</span> <span class="str">'Data from untrusted sources'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t50" class="pln"><span class="n"><a href="#t50">50</a></span><span class="t">        <span class="str">'Enforce sensitive information to be stored encrypted on device'</span><span class="op">:</span> <span class="str">'Enforce sensitive information to be stored encrypted on device'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t51" class="pln"><span class="n"><a href="#t51">51</a></span><span class="t">        <span class="str">'Limiting user input size'</span><span class="op">:</span> <span class="str">'Limiting user input size'</span><span class="op">,</span><span class="str">'Limiting input size'</span><span class="op">:</span><span class="str">'Limiting user input size'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t52" class="pln"><span class="n"><a href="#t52">52</a></span><span class="t">        <span class="str">'Canonicalized input'</span><span class="op">:</span><span class="str">'Canonicalized user input'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t53" class="pln"><span class="n"><a href="#t53">53</a></span><span class="t">        <span class="str">'Canonicalized user input'</span><span class="op">:</span> <span class="str">'Canonicalized user input'</span><span class="op">,</span><span class="str">'step up authentication'</span><span class="op">:</span><span class="str">'step up or adaptive authentication'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t54" class="pln"><span class="n"><a href="#t54">54</a></span><span class="t">        <span class="str">'adaptive authentication'</span><span class="op">:</span><span class="str">'step up or adaptive authentication'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t55" class="pln"><span class="n"><a href="#t55">55</a></span><span class="t">        <span class="str">'step up or adaptive authentication'</span><span class="op">:</span> <span class="str">'step up or adaptive authentication'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t56" class="pln"><span class="n"><a href="#t56">56</a></span><span class="t">        <span class="str">'IP adresses in internal HTTP headers'</span><span class="op">:</span> <span class="str">'IP adresses in internal HTTP headers'</span><span class="op">,</span><span class="str">'LDAP'</span><span class="op">:</span><span class="str">'LDAP injection'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t57" class="pln"><span class="n"><a href="#t57">57</a></span><span class="t">        <span class="str">'Logging guidelines to access sensitive information'</span><span class="op">:</span> <span class="str">'Logging guidelines to access sensitive information'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t58" class="pln"><span class="n"><a href="#t58">58</a></span><span class="t">        <span class="str">'LDAP injection'</span><span class="op">:</span> <span class="str">'LDAP injection'</span><span class="op">,</span><span class="str">'Log viewing software'</span><span class="op">:</span><span class="str">'Log viewing software code injection'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t59" class="pln"><span class="n"><a href="#t59">59</a></span><span class="t">        <span class="str">'Log viewing software code injection'</span><span class="op">:</span> <span class="str">'Log viewing software code injection'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t60" class="pln"><span class="n"><a href="#t60">60</a></span><span class="t">        <span class="str">'No shared knowledge for secret questions'</span><span class="op">:</span> <span class="str">'No shared knowledge for secret questions'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t61" class="pln"><span class="n"><a href="#t61">61</a></span><span class="t">        <span class="str">'Verbose error'</span><span class="op">:</span><span class="str">'Verbose error messaging'</span><span class="op">,</span><span class="str">'Verbose error message'</span><span class="op">:</span><span class="str">'Verbose error messaging'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t62" class="pln"><span class="n"><a href="#t62">62</a></span><span class="t">        <span class="str">'Verbose error messaging'</span><span class="op">:</span> <span class="str">'Verbose error messaging'</span><span class="op">,</span> <span class="str">'Segregated components'</span><span class="op">:</span> <span class="str">'Segregated components'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t63" class="pln"><span class="n"><a href="#t63">63</a></span><span class="t">        <span class="str">'File inclusion attack II'</span><span class="op">:</span> <span class="str">'File inclusion attack II'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t64" class="pln"><span class="n"><a href="#t64">64</a></span><span class="t">        <span class="str">'Predictable password and or token generation'</span><span class="op">:</span> <span class="str">'Predictable password and or token generation'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t65" class="pln"><span class="n"><a href="#t65">65</a></span><span class="t">        <span class="str">'Log injection'</span><span class="op">:</span> <span class="str">'Log injection'</span><span class="op">,</span> <span class="str">'TLS implementation'</span><span class="op">:</span><span class="str">'TLS implementation must operate in an approved mode of operation'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t66" class="pln"><span class="n"><a href="#t66">66</a></span><span class="t">        <span class="str">'TLS implementation must operate in an approved mode of operation'</span><span class="op">:</span> <span class="str">'TLS implementation must operate in an approved mode of operation'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t67" class="pln"><span class="n"><a href="#t67">67</a></span><span class="t">        <span class="str">'Third party components'</span><span class="op">:</span> <span class="str">'Third party components'</span><span class="op">,</span> <span class="str">'File upload outside document root'</span><span class="op">:</span> <span class="str">'File upload outside document root'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t68" class="pln"><span class="n"><a href="#t68">68</a></span><span class="t">        <span class="str">'Verify application is not vulnerable for known security issues'</span><span class="op">:</span> <span class="str">'Verify application is not vulnerable for known security issues'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t69" class="pln"><span class="n"><a href="#t69">69</a></span><span class="t">        <span class="str">'Display concurrent and active sessions'</span><span class="op">:</span> <span class="str">'Display concurrent and active sessions'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t70" class="pln"><span class="n"><a href="#t70">70</a></span><span class="t">        <span class="str">'Principle of least privilege'</span><span class="op">:</span> <span class="str">'Principle of least privilege'</span><span class="op">,</span> <span class="str">'Enforce policys for sensitive data processing'</span><span class="op">:</span> <span class="str">'Enforce policys for sensitive data processing'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t71" class="pln"><span class="n"><a href="#t71">71</a></span><span class="t">        <span class="str">'Secrets should be secure random generated'</span><span class="op">:</span> <span class="str">'Secrets should be secure random generated'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t72" class="pln"><span class="n"><a href="#t72">72</a></span><span class="t">        <span class="str">'Access to any master secret must be protected from unauthorized access'</span><span class="op">:</span> <span class="str">'Access to any master secret must be protected from unauthorized access'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t73" class="pln"><span class="n"><a href="#t73">73</a></span><span class="t">        <span class="str">'centralized security controls'</span><span class="op">:</span> <span class="str">'centralized security controls'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t74" class="pln"><span class="n"><a href="#t74">74</a></span><span class="t">        <span class="str">'Password change leads to destroying concurrent sessions'</span><span class="op">:</span> <span class="str">'Password change leads to destroying concurrent sessions'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t75" class="pln"><span class="n"><a href="#t75">75</a></span><span class="t">        <span class="str">'Unauthorized credential changes'</span><span class="op">:</span> <span class="str">'Unauthorized credential changes'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t76" class="pln"><span class="n"><a href="#t76">76</a></span><span class="t">        <span class="str">'Available log analysis tools'</span><span class="op">:</span> <span class="str">'Available log analysis tools'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t77" class="pln"><span class="n"><a href="#t77">77</a></span><span class="t">        <span class="str">'Access control failure'</span><span class="op">:</span> <span class="str">'Access control failure'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t78" class="pln"><span class="n"><a href="#t78">78</a></span><span class="t">        <span class="str">'Sensitive information transmitted by unencrypted methods'</span><span class="op">:</span> <span class="str">'Sensitive information transmitted by unencrypted methods'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t79" class="pln"><span class="n"><a href="#t79">79</a></span><span class="t">        <span class="str">'XML injection'</span><span class="op">:</span> <span class="str">'XML injection'</span><span class="op">,</span> <span class="str">'TLS implementation'</span><span class="op">:</span> <span class="str">'TLS implementation'</span><span class="op">,</span> <span class="str">'CA certificates'</span><span class="op">:</span> <span class="str">'CA certificates'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t80" class="pln"><span class="n"><a href="#t80">80</a></span><span class="t">        <span class="str">'All time sources should be synchronized'</span><span class="op">:</span> <span class="str">'All time sources should be synchronized'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t81" class="pln"><span class="n"><a href="#t81">81</a></span><span class="t">        <span class="str">'Runtime environment'</span><span class="op">:</span> <span class="str">'Runtime environment'</span><span class="op">,</span> <span class="str">'xss injection'</span><span class="op">:</span> <span class="str">'xss injection'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t82" class="pln"><span class="n"><a href="#t82">82</a></span><span class="t">        <span class="str">'sensitive information stored in cookies'</span><span class="op">:</span> <span class="str">'sensitive information stored in cookies'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t83" class="pln"><span class="n"><a href="#t83">83</a></span><span class="t">        <span class="str">'Possible attackers of the application must be documented'</span><span class="op">:</span> <span class="str">'Possible attackers of the application must be documented'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t84" class="pln"><span class="n"><a href="#t84">84</a></span><span class="t">        <span class="str">'Accessible non parsed dynamic scripts'</span><span class="op">:</span> <span class="str">'Accessible non parsed dynamic scripts'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t85" class="pln"><span class="n"><a href="#t85">85</a></span><span class="t">        <span class="str">'Include X Content Type Options header'</span><span class="op">:</span> <span class="str">'Include X Content Type Options header'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t86" class="pln"><span class="n"><a href="#t86">86</a></span><span class="t">        <span class="str">'Include anti clickjacking headers'</span><span class="op">:</span> <span class="str">'Include anti clickjacking headers'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t87" class="pln"><span class="n"><a href="#t87">87</a></span><span class="t">        <span class="str">'Enforce sequential step order'</span><span class="op">:</span> <span class="str">'Enforce sequential step order'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t88" class="pln"><span class="n"><a href="#t88">88</a></span><span class="t">        <span class="str">'All connections should be TLS'</span><span class="op">:</span> <span class="str">'All connections should be TLS'</span><span class="op">,</span> <span class="str">'Debug enabeling'</span><span class="op">:</span> <span class="str">'Debug enabeling'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t89" class="pln"><span class="n"><a href="#t89">89</a></span><span class="t">        <span class="str">'Screen scraping data harvest'</span><span class="op">:</span> <span class="str">'Screen scraping data harvest'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t90" class="pln"><span class="n"><a href="#t90">90</a></span><span class="t">        <span class="str">'GET POST requests'</span><span class="op">:</span> <span class="str">'GET POST requests'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t91" class="pln"><span class="n"><a href="#t91">91</a></span><span class="t">        <span class="str">'Logging guidelines'</span><span class="op">:</span> <span class="str">'Logging guidelines'</span><span class="op">,</span> <span class="str">'Cross origin resource sharing'</span><span class="op">:</span> <span class="str">'Cross origin resource sharing'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t92" class="pln"><span class="n"><a href="#t92">92</a></span><span class="t">        <span class="str">'Character encoding'</span><span class="op">:</span> <span class="str">'Character encoding'</span><span class="op">,</span> <span class="str">'External DTD parsing'</span><span class="op">:</span> <span class="str">'External DTD parsing'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t93" class="pln"><span class="n"><a href="#t93">93</a></span><span class="t">        <span class="str">'Error handling on trusted devices'</span><span class="op">:</span> <span class="str">'Error handling on trusted devices'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t94" class="pln"><span class="n"><a href="#t94">94</a></span><span class="t">        <span class="str">'HTML injections'</span><span class="op">:</span> <span class="str">'HTML injections'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t95" class="pln"><span class="n"><a href="#t95">95</a></span><span class="t">        <span class="str">'Authentication at a central location'</span><span class="op">:</span> <span class="str">'Authentication at a central location'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t96" class="pln"><span class="n"><a href="#t96">96</a></span><span class="t">        <span class="str">'The crossdomain xml should only contains trusted domains'</span><span class="op">:</span> <span class="str">'The crossdomain xml should only contains trusted domains'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t97" class="pln"><span class="n"><a href="#t97">97</a></span><span class="t">        <span class="str">'Forget password functions'</span><span class="op">:</span> <span class="str">'Forget password functions'</span><span class="op">,</span> <span class="str">'File'</span><span class="op">:</span> <span class="str">'File'</span><span class="op">,</span> <span class="str">'Log rotation and seperation'</span><span class="op">:</span>&nbsp;</span><span class="r"></span></p>
    <p id="t98" class="pln"><span class="n"><a href="#t98">98</a></span><span class="t">        <span class="str">'Log rotation and seperation'</span><span class="op">,</span> <span class="str">'concurrent session handling'</span><span class="op">:</span> <span class="str">'concurrent session handling'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t99" class="pln"><span class="n"><a href="#t99">99</a></span><span class="t">        <span class="str">'two factor authentication against username password disclosure'</span><span class="op">:</span> <span class="str">'two factor authentication against username password disclosure'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t100" class="pln"><span class="n"><a href="#t100">100</a></span><span class="t">        <span class="str">'Log TLS connection failures'</span><span class="op">:</span> <span class="str">'Log TLS connection failures'</span><span class="op">,</span> <span class="str">'Sandboxing malicious code'</span><span class="op">:</span> <span class="str">'Sandboxing malicious code'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t101" class="pln"><span class="n"><a href="#t101">101</a></span><span class="t">        <span class="str">'Version management'</span><span class="op">:</span> <span class="str">'Version management'</span><span class="op">,</span> <span class="str">'Trusted repositories'</span><span class="op">:</span> <span class="str">'Trusted repositories'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t102" class="pln"><span class="n"><a href="#t102">102</a></span><span class="t">        <span class="str">'High value transactions'</span><span class="op">:</span> <span class="str">'High value transactions'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t103" class="pln"><span class="n"><a href="#t103">103</a></span><span class="t">        <span class="str">'Sandboxing code'</span><span class="op">:</span><span class="str">'Sandboxing malicious code'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t104" class="pln"><span class="n"><a href="#t104">104</a></span><span class="t">        <span class="str">'logging is performed before executing the transaction'</span><span class="op">:</span> <span class="str">'logging is performed before executing the transaction'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t105" class="pln"><span class="n"><a href="#t105">105</a></span><span class="t">        <span class="str">'Safe javascript jquery methods'</span><span class="op">:</span> <span class="str">'Safe javascript jquery methods'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t106" class="pln"><span class="n"><a href="#t106">106</a></span><span class="t">        <span class="str">'SQL injection'</span><span class="op">:</span><span class="str">'SQL injection Column truncation'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t107" class="pln"><span class="n"><a href="#t107">107</a></span><span class="t">        <span class="str">'SQL injection Column truncation'</span><span class="op">:</span> <span class="str">'SQL injection Column truncation'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t108" class="pln"><span class="n"><a href="#t108">108</a></span><span class="t">        <span class="str">'Account lockout'</span><span class="op">:</span> <span class="str">'Account lockout'</span><span class="op">,</span> <span class="str">'XSLT'</span><span class="op">:</span><span class="str">'XSLT injections'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t109" class="pln"><span class="n"><a href="#t109">109</a></span><span class="t">        <span class="str">'Intrusion detection'</span><span class="op">:</span><span class="str">'Intrusion detecting and reporting'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t110" class="pln"><span class="n"><a href="#t110">110</a></span><span class="t">        <span class="str">'Intrusion detecting and reporting'</span><span class="op">:</span> <span class="str">'Intrusion detecting and reporting'</span><span class="op">,</span> <span class="str">'XSLT injections'</span><span class="op">:</span> <span class="str">'XSLT injections'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t111" class="pln"><span class="n"><a href="#t111">111</a></span><span class="t">        <span class="str">'Signed application components'</span><span class="op">:</span> <span class="str">'Signed application components'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t112" class="pln"><span class="n"><a href="#t112">112</a></span><span class="t">        <span class="str">'HTTP headers added by a frontend'</span><span class="op">:</span> <span class="str">'HTTP headers added by a frontend'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t113" class="pln"><span class="n"><a href="#t113">113</a></span><span class="t">        <span class="str">'Servers must not be trusted without explicit authentication'</span><span class="op">:</span> <span class="str">'Servers must not be trusted without explicit authentication'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t114" class="pln"><span class="n"><a href="#t114">114</a></span><span class="t">        <span class="str">'Approved random number generator'</span><span class="op">:</span> <span class="str">'Approved random number generator'</span><span class="op">,</span> <span class="str">'Repudiation attack'</span><span class="op">:</span> <span class="str">'Repudiation attack'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t115" class="pln"><span class="n"><a href="#t115">115</a></span><span class="t">        <span class="str">'Password forget pattern'</span><span class="op">:</span> <span class="str">'Password forget pattern'</span><span class="op">,</span><span class="str">'Repudiation'</span><span class="op">:</span><span class="str">'Repudiation attack'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t116" class="pln"><span class="n"><a href="#t116">116</a></span><span class="t">        <span class="str">'public key pinning'</span><span class="op">:</span><span class="str">'TLS certificate public key pinning'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t117" class="pln"><span class="n"><a href="#t117">117</a></span><span class="t">        <span class="str">'TLS certificate'</span><span class="op">:</span><span class="str">'TLS certificate public key pinning'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t118" class="pln"><span class="n"><a href="#t118">118</a></span><span class="t">        <span class="str">'TLS certificate public key pinning'</span><span class="op">:</span> <span class="str">'TLS certificate public key pinning'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t119" class="pln"><span class="n"><a href="#t119">119</a></span><span class="t">        <span class="str">'Content type headers'</span><span class="op">:</span> <span class="str">'Content type headers'</span><span class="op">,</span><span class="str">'Content type'</span><span class="op">:</span><span class="str">'Content type headers'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t120" class="pln"><span class="n"><a href="#t120">120</a></span><span class="t">        <span class="str">'Session cookies without the HttpOnly flag'</span><span class="op">:</span> <span class="str">'Session cookies without the HttpOnly flag'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t121" class="pln"><span class="n"><a href="#t121">121</a></span><span class="t">        <span class="str">'Commonly chosen weak passwords and passphrases'</span><span class="op">:</span> <span class="str">'Commonly chosen weak passwords and passphrases'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t122" class="pln"><span class="n"><a href="#t122">122</a></span><span class="t">        <span class="str">'Commonly chosen passphrases'</span><span class="op">:</span><span class="str">'Commonly chosen weak passwords and passphrases'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t123" class="pln"><span class="n"><a href="#t123">123</a></span><span class="t">        <span class="str">'Commonly chosen weak passwords'</span><span class="op">:</span><span class="str">'Commonly chosen weak passwords and passphrases'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t124" class="pln"><span class="n"><a href="#t124">124</a></span><span class="t">        <span class="str">'Authentication based on the knowledge of a secret URL'</span><span class="op">:</span> <span class="str">'Authentication based on the knowledge of a secret URL'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t125" class="pln"><span class="n"><a href="#t125">125</a></span><span class="t">        <span class="str">'RFD and file download injections'</span><span class="op">:</span> <span class="str">'RFD and file download injections'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t126" class="pln"><span class="n"><a href="#t126">126</a></span><span class="t">        <span class="str">'file download injections'</span><span class="op">:</span><span class="str">'RFD and file download injections'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t127" class="pln"><span class="n"><a href="#t127">127</a></span><span class="t">        <span class="str">'RFD injections'</span><span class="op">:</span><span class="str">'RFD and file download injections'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t128" class="pln"><span class="n"><a href="#t128">128</a></span><span class="t">        <span class="str">'RFD and file download'</span><span class="op">:</span><span class="str">'RFD and file download injections'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t129" class="pln"><span class="n"><a href="#t129">129</a></span><span class="t">        <span class="str">'The audit log must include a priority system'</span><span class="op">:</span> <span class="str">'The audit log must include a priority system'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t130" class="pln"><span class="n"><a href="#t130">130</a></span><span class="t">        <span class="str">'External session hijacking'</span><span class="op">:</span> <span class="str">'External session hijacking'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t131" class="pln"><span class="n"><a href="#t131">131</a></span><span class="t">        <span class="str">'session hijacking'</span><span class="op">:</span><span class="str">'External session hijacking'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t132" class="pln"><span class="n"><a href="#t132">132</a></span><span class="t">        <span class="str">'HTTP header injection'</span><span class="op">:</span> <span class="str">'HTTP header injection'</span><span class="op">,</span> <span class="str">'HTTP header'</span><span class="op">:</span><span class="str">'HTTP header injection'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t133" class="pln"><span class="n"><a href="#t133">133</a></span><span class="t">        <span class="str">'Password leakage'</span><span class="op">:</span> <span class="str">'Password leakage'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t134" class="pln"><span class="n"><a href="#t134">134</a></span><span class="t">        <span class="str">'Include X XSS'</span><span class="op">:</span> <span class="str">'Include X XSS'</span><span class="op">,</span><span class="str">'X XSS'</span><span class="op">:</span><span class="str">'Include X XSS'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t135" class="pln"><span class="n"><a href="#t135">135</a></span><span class="t">        <span class="str">'User registration pattern'</span><span class="op">:</span><span class="str">'User registration pattern'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t136" class="pln"><span class="n"><a href="#t136">136</a></span><span class="t">        <span class="str">'User registration pattern'</span><span class="op">:</span> <span class="str">'User registration pattern'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t137" class="pln"><span class="n"><a href="#t137">137</a></span><span class="t">        <span class="str">'Security settings in your development frameworks'</span><span class="op">:</span> <span class="str">'Security settings in your development frameworks'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t138" class="pln"><span class="n"><a href="#t138">138</a></span><span class="t">        <span class="str">'Extraneous files in document root'</span><span class="op">:</span> <span class="str">'Extraneous files in document root'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t139" class="pln"><span class="n"><a href="#t139">139</a></span><span class="t">        <span class="str">'Extraneous files in root'</span><span class="op">:</span><span class="str">'Extraneous files in document root'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t140" class="pln"><span class="n"><a href="#t140">140</a></span><span class="t">        <span class="str">'unencrypted links'</span><span class="op">:</span><span class="str">'HTTPS and weakly or unencrypted links'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t141" class="pln"><span class="n"><a href="#t141">141</a></span><span class="t">        <span class="str">'HTTPS and weakly or unencrypted links'</span><span class="op">:</span> <span class="str">'HTTPS and weakly or unencrypted links'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t142" class="pln"><span class="n"><a href="#t142">142</a></span><span class="t">        <span class="str">'Policy for managing cryptographic keys'</span><span class="op">:</span> <span class="str">'Policy for managing cryptographic keys'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t143" class="pln"><span class="n"><a href="#t143">143</a></span><span class="t">        <span class="str">'data controller display layer separation'</span><span class="op">:</span> <span class="str">'data controller display layer separation'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t144" class="pln"><span class="n"><a href="#t144">144</a></span><span class="t">        <span class="str">'Parsing JSON with Javascript'</span><span class="op">:</span> <span class="str">'Parsing JSON with Javascript'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t145" class="pln"><span class="n"><a href="#t145">145</a></span><span class="t">        <span class="str">'Regular expression'</span><span class="op">:</span> <span class="str">'Regular expression injection'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t146" class="pln"><span class="n"><a href="#t146">146</a></span><span class="t">        <span class="str">'Threat modeling'</span><span class="op">:</span> <span class="str">'Threat modeling'</span><span class="op">,</span> <span class="str">'Privilege escalation'</span><span class="op">:</span> <span class="str">'Privilege escalation'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t147" class="pln"><span class="n"><a href="#t147">147</a></span><span class="t">        <span class="str">'Regular expression injection'</span><span class="op">:</span> <span class="str">'Regular expression injection'</span><span class="op">,</span><span class="str">'SSI'</span><span class="op">:</span><span class="str">'SSI injections'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t148" class="pln"><span class="n"><a href="#t148">148</a></span><span class="t">        <span class="str">'verbose authentication'</span><span class="op">:</span> <span class="str">'Too verbose authentication'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t149" class="pln"><span class="n"><a href="#t149">149</a></span><span class="t">        <span class="str">'SSI injections'</span><span class="op">:</span> <span class="str">'SSI injections'</span><span class="op">,</span> <span class="str">'Too verbose authentication'</span><span class="op">:</span> <span class="str">'Too verbose authentication'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t150" class="pln"><span class="n"><a href="#t150">150</a></span><span class="t">         <span class="str">'Malicious intent'</span><span class="op">:</span> <span class="str">'Malicious intent'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t151" class="pln"><span class="n"><a href="#t151">151</a></span><span class="t">         <span class="str">'Validate the integrity of all security relevant configurations'</span><span class="op">:</span> <span class="str">'Validate the integrity of all security relevant configurations'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t152" class="pln"><span class="n"><a href="#t152">152</a></span><span class="t">         <span class="str">'The login functionality should always generate a new session id'</span><span class="op">:</span> <span class="str">'The login functionality should always generate a new session id'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t153" class="pln"><span class="n"><a href="#t153">153</a></span><span class="t">         <span class="str">'Audit logs'</span><span class="op">:</span> <span class="str">'Audit logs'</span><span class="op">,</span> <span class="str">'SOAP basic profile'</span><span class="op">:</span> <span class="str">'SOAP basic profile'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t154" class="pln"><span class="n"><a href="#t154">154</a></span><span class="t">         <span class="str">'identify all application components'</span><span class="op">:</span> <span class="str">'identify all application components'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t155" class="pln"><span class="n"><a href="#t155">155</a></span><span class="t">         <span class="str">'Insecure transmission of cookies'</span><span class="op">:</span><span class="str">'Insecure transmission of session cookies'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t156" class="pln"><span class="n"><a href="#t156">156</a></span><span class="t">         <span class="str">'Insecure transmission of session cookies'</span><span class="op">:</span> <span class="str">'Insecure transmission of session cookies'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t157" class="pln"><span class="n"><a href="#t157">157</a></span><span class="t">         <span class="str">'Policy for processing sensitive data'</span><span class="op">:</span> <span class="str">'Policy for processing sensitive data'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t158" class="pln"><span class="n"><a href="#t158">158</a></span><span class="t">         <span class="str">'Enforce anti'</span><span class="op">:</span> <span class="str">'Enforce anti'</span><span class="op">,</span> <span class="str">'Sandboxing'</span><span class="op">:</span> <span class="str">'Sandboxing'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t159" class="pln"><span class="n"><a href="#t159">159</a></span><span class="t">         <span class="str">'information is not stored server side'</span><span class="op">:</span><span class="str">'Session information is not stored server side'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t160" class="pln"><span class="n"><a href="#t160">160</a></span><span class="t">         <span class="str">'User generated session ids should be rejected by the server'</span><span class="op">:</span> <span class="str">'User generated session ids should be rejected by the server'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t161" class="pln"><span class="n"><a href="#t161">161</a></span><span class="t">         <span class="str">'Session information is not stored server side'</span><span class="op">:</span> <span class="str">'Session information is not stored server side'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t162" class="pln"><span class="n"><a href="#t162">162</a></span><span class="t">        <span class="str">'JSON XML'</span><span class="op">:</span><span class="str">'JSON XML schema'</span><span class="op">,</span><span class="str">'Resource identifier'</span><span class="op">:</span><span class="str">'Resource identifier injection'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t163" class="pln"><span class="n"><a href="#t163">163</a></span><span class="t">         <span class="str">'JSON XML schema'</span><span class="op">:</span> <span class="str">'JSON XML schema'</span><span class="op">,</span> <span class="str">'Resource identifier injection'</span><span class="op">:</span> <span class="str">'Resource identifier injection'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t164" class="pln"><span class="n"><a href="#t164">164</a></span><span class="t">         <span class="str">'Access management'</span><span class="op">:</span> <span class="str">'Access management'</span><span class="op">,</span> <span class="str">'Principle of complete mediation'</span><span class="op">:</span> <span class="str">'Principle of complete mediation'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t165" class="pln"><span class="n"><a href="#t165">165</a></span><span class="t">         <span class="str">'The possible risks to the application must be documented'</span><span class="op">:</span> <span class="str">'The possible risks to the application must be documented'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t166" class="pln"><span class="n"><a href="#t166">166</a></span><span class="t">         <span class="str">'Session ids should be generated with sufficient entropy'</span><span class="op">:</span> <span class="str">'Session ids should be generated with sufficient entropy'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t167" class="pln"><span class="n"><a href="#t167">167</a></span><span class="t">        <span class="str">'File upload'</span><span class="op">:</span><span class="str">'File upload injections'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t168" class="pln"><span class="n"><a href="#t168">168</a></span><span class="t">         <span class="str">'File upload injections'</span><span class="op">:</span> <span class="str">'File upload injections'</span><span class="op">,</span> <span class="str">'Client side constraints'</span><span class="op">:</span> <span class="str">'Client side constraints'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t169" class="pln"><span class="n"><a href="#t169">169</a></span><span class="t">         <span class="str">'Application assets hosted on secure location'</span><span class="op">:</span> <span class="str">'Application assets hosted on secure location'</span><span class="op">,</span> <span class="str">'Context sensitive authorization'</span><span class="op">:</span> <span class="str">'Context sensitive authorization'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t170" class="pln"><span class="n"><a href="#t170">170</a></span><span class="t">         <span class="str">'Proces high value business logic flows in a trusted environment'</span><span class="op">:</span> <span class="str">'Proces high value business logic flows in a trusted environment'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t171" class="pln"><span class="n"><a href="#t171">171</a></span><span class="t">         <span class="str">'Identifier based authorization'</span><span class="op">:</span> <span class="str">'Identifier based authorization'</span><span class="op">,</span> <span class="str">'CSRF on REST'</span><span class="op">:</span> <span class="str">'CSRF on REST'</span><span class="op">,</span> <span class="str">'User credentials in audit logs'</span><span class="op">:</span> <span class="str">'User credentials in audit logs'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t172" class="pln"><span class="n"><a href="#t172">172</a></span><span class="t">         <span class="str">'HTML Caching and client side caching'</span><span class="op">:</span> <span class="str">'HTML Caching and client side caching'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t173" class="pln"><span class="n"><a href="#t173">173</a></span><span class="t">         <span class="str">'HTML Caching'</span><span class="op">:</span><span class="str">'HTML Caching and client side caching'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t174" class="pln"><span class="n"><a href="#t174">174</a></span><span class="t">         <span class="str">'client side caching'</span><span class="op">:</span><span class="str">'HTML Caching and client side caching'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t175" class="pln"><span class="n"><a href="#t175">175</a></span><span class="t">         <span class="str">'User restriction for sensitive data'</span><span class="op">:</span> <span class="str">'User restriction for sensitive data'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t176" class="pln"><span class="n"><a href="#t176">176</a></span><span class="t">         <span class="str">'Prepared statements and query parameterization'</span><span class="op">:</span> <span class="str">'Prepared statements and query parameterization'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t177" class="pln"><span class="n"><a href="#t177">177</a></span><span class="t">         <span class="str">'Authentication enforced by the web sever'</span><span class="op">:</span> <span class="str">'Authentication enforced by the web sever'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t178" class="pln"><span class="n"><a href="#t178">178</a></span><span class="t">         <span class="str">'Identifier based'</span><span class="op">:</span><span class="str">'Identifier based authorization'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t179" class="pln"><span class="n"><a href="#t179">179</a></span><span class="t">         <span class="str">'STRIDE'</span><span class="op">:</span> <span class="str">'STRIDE'</span><span class="op">,</span> <span class="str">'Identify all components'</span><span class="op">:</span> <span class="str">'Identify all components'</span><span class="op">,</span> <span class="str">'Aggregate access control protection'</span><span class="op">:</span> <span class="str">'Aggregate access control protection'</span><span class="op">,</span> <span class="str">'Re authentication'</span><span class="op">:</span> <span class="str">'Re authentication'</span><span class="op">,</span> <span class="str">'Does The application enforce the use of secure passwords'</span><span class="op">:</span> <span class="str">'Does The application enforce the use of secure passwords'</span><span class="op">,</span> <span class="str">'Command injection'</span><span class="op">:</span> <span class="str">'Command injection'</span><span class="op">,</span> <span class="str">'Sensitive information stored alongside the source code'</span><span class="op">:</span> <span class="str">'Sensitive information stored alongside the source code'</span><span class="op">,</span> <span class="str">'Client side storage'</span><span class="op">:</span> <span class="str">'Client side storage'</span><span class="op">,</span> <span class="str">'Open forward and Open redirects'</span><span class="op">:</span> <span class="str">'Open forward and Open redirects'</span><span class="op">,</span> <span class="str">'Are all passwords hashed, salted and stretched'</span><span class="op">:</span> <span class="str">'Are all passwords hashed, salted and stretched'</span><span class="op">,</span> <span class="str">'Forward secrecy ciphers'</span><span class="op">:</span> <span class="str">'Forward secrecy ciphers'</span><span class="op">,</span> <span class="str">'Aggregate user requests'</span><span class="op">:</span> <span class="str">'Aggregate user requests'</span><span class="op">,</span> <span class="str">'Do not support untrusted client side technologies'</span><span class="op">:</span> <span class="str">'Do not support untrusted client side technologies'</span><span class="op">,</span> <span class="str">'Hardware key vault'</span><span class="op">:</span> <span class="str">'Hardware key vault'</span><span class="op">,</span> <span class="str">'All authentication controls must fail securely'</span><span class="op">:</span> <span class="str">'All authentication controls must fail securely'</span><span class="op">,</span> <span class="str">'Client side state management'</span><span class="op">:</span> <span class="str">'Client side state management'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t180" class="pln"><span class="n"><a href="#t180">180</a></span><span class="t">        <span class="str">'X Path'</span><span class="op">:</span><span class="str">'X Path injections'</span><span class="op">,</span> <span class="str">'X Path injections'</span><span class="op">:</span> <span class="str">'X Path injections'</span><span class="op">,</span> <span class="str">'HSTS preload'</span><span class="op">:</span> <span class="str">'HSTS preload'</span><span class="op">,</span> <span class="str">'cross subdomain cookie attack'</span><span class="op">:</span> <span class="str">'cross subdomain cookie attack'</span><span class="op">,</span> <span class="str">'Signed message payloads'</span><span class="op">:</span> <span class="str">'Signed message payloads'</span><span class="op">,</span> <span class="str">'Sanitize unstructured data'</span><span class="op">:</span> <span class="str">'Sanitize unstructured data'</span><span class="op">,</span> <span class="str">'Denial of service by locking out accounts'</span><span class="op">:</span> <span class="str">'Denial of service by locking out accounts'</span><span class="op">,</span> <span class="str">'Zero keys and secrets before destroying them'</span><span class="op">:</span> <span class="str">'Zero keys and secrets before destroying them'</span><span class="op">,</span> <span class="str">'Unnecessary features enabled or installed'</span><span class="op">:</span> <span class="str">'Unnecessary features enabled or installed'</span><span class="op">,</span> <span class="str">'XML attacks'</span><span class="op">:</span> <span class="str">'XML attacks'</span><span class="op">,</span> <span class="str">'The logout functionality should revoke the complete session'</span><span class="op">:</span> <span class="str">'The logout functionality should revoke the complete session'</span><span class="op">,</span> <span class="str">'Content security policy headers'</span><span class="op">:</span> <span class="str">'Content security policy headers'</span><span class="op">,</span> <span class="str">'Double decoding of headers parameters'</span><span class="op">:</span> <span class="str">'Double decoding of headers parameters'</span><span class="op">,</span> <span class="str">'Automatic parameter binding'</span><span class="op">:</span> <span class="str">'Automatic parameter binding'</span><span class="op">,</span> <span class="str">'Logging implemented on the serverside'</span><span class="op">:</span> <span class="str">'Logging implemented on the serverside'</span><span class="op">,</span> <span class="str">'Sending data parameters to untrusted devices'</span><span class="op">:</span> <span class="str">'Sending data parameters to untrusted devices'</span><span class="op">,</span> <span class="str">'Submit forms pattern'</span><span class="op">:</span> <span class="str">'Submit forms pattern'</span><span class="op">,</span> <span class="str">'Username enumeration'</span><span class="op">:</span> <span class="str">'Username enumeration'</span><span class="op">,</span> <span class="str">'proven authentication mechanisms'</span><span class="op">:</span> <span class="str">'proven authentication mechanisms'</span><span class="op">,</span> <span class="str">'Enforce random numbers are created with proper entropy at runtime'</span><span class="op">:</span> <span class="str">'Enforce random numbers are created with proper entropy at runtime'</span><span class="op">,</span> <span class="str">'Directory listing'</span><span class="op">:</span> <span class="str">'Directory listing'</span><span class="op">,</span> <span class="str">'Brute force password guessing'</span><span class="op">:</span> <span class="str">'Brute force password guessing'</span><span class="op">,</span> <span class="str">'Client side authentication'</span><span class="op">:</span> <span class="str">'Client side authentication'</span><span class="op">,</span> <span class="str">'Encrypt sensitive information different depending on context'</span><span class="op">:</span> <span class="str">'Encrypt sensitive information different depending on context'</span><span class="op">,</span> <span class="str">'Single input validation controls'</span><span class="op">:</span> <span class="str">'Single input validation controls'</span><span class="op">,</span> <span class="str">'Protection against different exfiltration techniques'</span><span class="op">:</span> <span class="str">'Protection against different exfiltration techniques'</span><span class="op">,</span> <span class="str">'Prevent password pre filling'</span><span class="op">:</span> <span class="str">'Prevent password pre filling'</span><span class="op">,</span> <span class="str">'Access control pattern'</span><span class="op">:</span> <span class="str">'Access control pattern'</span><span class="op">,</span> <span class="str">'Distinguish log'</span><span class="op">:</span> <span class="str">'Distinguish log'</span><span class="op">,</span> <span class="str">'not available item'</span><span class="op">:</span> <span class="str">'not available item'</span><span class="op">,</span> <span class="str">'Cross site request forgery'</span><span class="op">:</span> <span class="str">'Cross site request forgery'</span><span class="op">,</span> <span class="str">'cryptographic function implementation'</span><span class="op">:</span> <span class="str">'cryptographic function implementation'</span><span class="op">,</span> <span class="str">'Deny access from remote resources or systems'</span><span class="op">:</span> <span class="str">'Deny access from remote resources or systems'</span><span class="op">,</span> <span class="str">'Keys and passwords should be replaceable'</span><span class="op">:</span> <span class="str">'Keys and passwords should be replaceable'</span><span class="op">,</span> <span class="str">'Logging validation failures'</span><span class="op">:</span> <span class="str">'Logging validation failures'</span><span class="op">,</span> <span class="str">'Automated spamming via feedback scripts'</span><span class="op">:</span> <span class="str">'Automated spamming via feedback scripts'</span><span class="op">,</span> <span class="str">'cryptographic modules must fail securely'</span><span class="op">:</span> <span class="str">'cryptographic modules must fail securely'</span><span class="op">,</span> <span class="str">'Parsing data  exchange formats'</span><span class="op">:</span> <span class="str">'Parsing data  exchange formats'</span><span class="op">,</span> <span class="str">'Positive validation model'</span><span class="op">:</span> <span class="str">'Positive validation model'</span><span class="op">,</span> <span class="str">'Server side validation'</span><span class="op">:</span> <span class="str">'Server side validation'</span><span class="op">,</span> <span class="str">'Server side request forgery'</span><span class="op">:</span> <span class="str">'Server side request forgery'</span><span class="op">,</span> <span class="str">'API resonses security headers'</span><span class="op">:</span> <span class="str">'API resonses security headers'</span><span class="op">,</span> <span class="str">'Session cookies without the Secure flag'</span><span class="op">:</span> <span class="str">'Session cookies without the Secure flag'</span><span class="op">,</span> <span class="str">'Integrity check and authorised modification'</span><span class="op">:</span> <span class="str">'Integrity check and authorised modification'</span><span class="op">,</span> <span class="str">'Protect agains exported activities or content providers'</span><span class="op">:</span> <span class="str">'Protect agains exported activities or content providers'</span><span class="op">,</span> <span class="str">'Strong CRYPTO through CA hierachy'</span><span class="op">:</span> <span class="str">'Strong CRYPTO through CA hierachy'</span><span class="op">,</span> <span class="str">'Centralized the mechanisms for protecting resources and the access'</span><span class="op">:</span> <span class="str">'Centralized the mechanisms for protecting resources and the access'</span><span class="op">,</span> <span class="str">'TLS settings are in line with current leading practice'</span><span class="op">:</span> <span class="str">'TLS settings are in line with current leading practice'</span><span class="op">,</span> <span class="str">'XXE injections'</span><span class="op">:</span> <span class="str">'XXE injections'</span><span class="op">,</span> <span class="str">'Communication between components (low privileges)'</span><span class="op">:</span> <span class="str">'Communication between components (low privileges)'</span><span class="op">,</span> <span class="str">'File upload anti virus check'</span><span class="op">:</span> <span class="str">'File upload anti virus check'</span><span class="op">,</span> <span class="str">'Data retention policy'</span><span class="op">:</span> <span class="str">'Data retention policy'</span><span class="op">,</span> <span class="str">'PII protection'</span><span class="op">:</span> <span class="str">'PII protection'</span><span class="op">,</span> <span class="str">'High level architecture should be defined'</span><span class="op">:</span> <span class="str">'High level architecture should be defined'</span><span class="op">,</span> <span class="str">'Robots.txt'</span><span class="op">:</span> <span class="str">'Robots.txt'</span><span class="op">,</span> <span class="str">'Protect sensitive activities intents or content providers'</span><span class="op">:</span> <span class="str">'Protect sensitive activities intents or content providers'</span><span class="op">,</span> <span class="str">'Avoid the use of default and predictable acounts.'</span><span class="op">:</span> <span class="str">'Avoid the use of default and predictable acounts.'</span><span class="op">,</span> <span class="str">'Verbose version information'</span><span class="op">:</span> <span class="str">'Verbose version information'</span><span class="op">,</span> <span class="str">'Verify integrity using checksums'</span><span class="op">:</span> <span class="str">'Verify integrity using checksums'</span><span class="op">,</span> <span class="str">'Unproven cryptographic algorithms'</span><span class="op">:</span> <span class="str">'Unproven cryptographic algorithms'</span><span class="op">,</span> <span class="str">'Verify that structured data is strongly typed and validated'</span><span class="op">:</span> <span class="str">'Verify that structured data is strongly typed and validated'</span><span class="op">,</span> <span class="str">'Session IDs do not timeout (idl)'</span><span class="op">:</span> <span class="str">'Session IDs do not timeout (idl)'</span><span class="op">,</span> <span class="str">'Disable autocomplete for all the input fields in forms'</span><span class="op">:</span> <span class="str">'Disable autocomplete for all the input fields in forms'</span><span class="op">,</span> <span class="str">'authenticated data cleared from client storage'</span><span class="op">:</span> <span class="str">'authenticated data cleared from client storage'</span><span class="op">,</span> <span class="str">'Verify that the session id is never disclosed'</span><span class="op">:</span> <span class="str">'Verify that the session id is never disclosed'</span><span class="op">,</span> <span class="str">'Ensure overall security'</span><span class="op">:</span> <span class="str">'Ensure overall security'</span><span class="op">,</span> <span class="str">'Dynamic scripting injection'</span><span class="op">:</span> <span class="str">'Dynamic scripting injection'</span><span class="op">,</span> <span class="str">'Insecure datastorage'</span><span class="op">:</span> <span class="str">'Insecure datastorage'</span><span class="op">,</span> <span class="str">'Logout structuring'</span><span class="op">:</span> <span class="str">'Logout structuring'</span><span class="op">,</span> <span class="str">'Cryptographic modules should operate in their approved mode according to their published security policies'</span><span class="op">:</span> <span class="str">'Cryptographic modules should operate in their approved mode according to their published security policies'</span><span class="op">,</span> <span class="str">'Auto escaping technology'</span><span class="op">:</span> <span class="str">'Auto escaping technology'</span><span class="op">,</span> <span class="str">'Session management control'</span><span class="op">:</span> <span class="str">'Session management control'</span><span class="op">,</span> <span class="str">'Sensitive information in code or online repositories'</span><span class="op">:</span> <span class="str">'Sensitive information inx code or online repositories'</span><span class="op">,</span> <span class="str">'Generate strong crypto tokens with at least 120 bit of effective entropy'</span><span class="op">:</span> <span class="str">'Generate strong crypto tokens with at least 120 bit of effective entropy'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t181" class="pln"><span class="n"><a href="#t181">181</a></span><span class="t">        <span class="str">'HTTP request'</span><span class="op">:</span> <span class="str">'HTTP request methods'</span><span class="op">,</span>&nbsp;</span><span class="r"></span></p>
    <p id="t182" class="pln"><span class="n"><a href="#t182">182</a></span><span class="t">        <span class="str">'HTTP request methods'</span><span class="op">:</span> <span class="str">'HTTP request methods'</span><span class="op">}</span>&nbsp;</span><span class="r"></span></p>
    <p id="t183" class="run"><span class="n"><a href="#t183">183</a></span><span class="t">        <span class="key">return</span> <span class="nam">vuln_dict</span>&nbsp;</span><span class="r"></span></p>
</div>
<div id="footer">
    <div class="content">
        <p>
            <a class="nav" href="index.html">&#xab; index</a> &nbsp; &nbsp; <a class="nav" href="https://coverage.readthedocs.io">coverage.py v5.5</a>,
            created at 2021-03-26 13:45 +0100
        </p>
    </div>
</div>
</body>
</html>
